Cyber News from the Past Week

Cyber News from the Past Week

1. Entrust, an information security company that provides services to some of the largest government offices in the use in areas relating to identification, payments, encryption, and more, is suffering from a ransomware attack. The company sent a letter to their clients reporting that about a month ago, and attacker had managed to enter the internal network and steal sensitive information. Depending on the nature of the data stolen, this could have a major impact on companies that use services provided by Entrust.

2. Twitter was breached in December 2021 due to a vulnerability that was only discovered and reported to Twitter in January 2022. The data of 5.4 million Twitter users was stolen due to that breach and is now being offered for sale for $30,000.

3. According to the Lockbit hacker group, the Italian Tax Authority was attacked and data was stolen. On the group’s site, they claim to have stolen 78 GB of sensitive data, and gave a 5 day ultimatum to pay the ransom. At this point, there has been no official communication from the Authority.

4. Two schools located in the Bedforshire district of England have suffered from ransomware attacks carried out by the Hive hacker group, who are demanding a ransom of ￡500,000 (about $600k). The Hive group did not content itself with demanding a ransom, and used the stolen databases to send messages to students and parents in order to update them on the hack and the stolen information, which according to the group also includes residential addresses, bank details, medical information, and even psychological evaluations performed on the students.

5. There has been a suspected attack on Sapir College’s website: Last Friday, students at the college received SMS messages claiming that their personal information was being held by hackers. The college stated: "In light of SMS messages sent to students indicating a cyber attack, the computing department at the college has been in direct contact with the Israeli cyber system. At this moment, the systems have not been damaged and the issue is under control."

Likud website Causes a "Serious Violation of Privacy"

The Likud website caused a "serious violation of privacy" by allowing any user to check which of the citizens of Israel registered for the Likud party by entering that user’s name in an application that was made available on the website recently.

This caused the Likud’s voter book to be leaked, including the last four digits of the ID card of the incumbents. The problematic site was taken down by order of the Privacy Protection Authority, but access to the Likud servers remained open - so anyone with minimal technical knowledge could still find the information.

Cyber Attacks Costing More Than Ever

IBM reports that the average cost of a cyber attack to an organization is $4.35 million, an increase of 13% since 2014.?

IBM researchers studied 550 companies worldwide that had experienced a cyber-attack. They found that 60% of the companies that were attacked passed the costs of the damage onto their customers by raising the prices of their goods, services, and other offerings.

83% of the companies involved in the study said that they were attacked more than once, and some even several times a year. More than half of the cost of damage caused by cyber-attacks occurred more than a year after the hack.

Another statistic showed that 28% of the cyber-attacks on critical infrastructure organizations were through ransomware or destructive attacks. "These attacks testify, once again, to the aspirations of the attackers to leverage the global crisis in the supply chains, which those organizations rely on."